Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
File: 5PKoZiAvS4y8MzgtboLYHYlkyA4.mft (raw, json)
Hash identifier: UkHMZMOsq+ba2pakdrp/3BvFdmWIxfaLbuKKtz73J/s=
Subject key identifier: 3C:66:99:76:DD:DE:20:C0:50:AC:2D:A6:CB:E5:C2:F8:99:87:BC:1C
Authority key identifier: E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
Certificate issuer: /CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Certificate serial: 019A4D07749702B5AA7B3EA62835FAB4C08F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 04:02:05 +0000
Manifest this update: Tue 04 Nov 2025 04:02:05 +0000
Manifest next update: Wed 05 Nov 2025 04:02:05 +0000
Files and hashes: 1: 5PKoZiAvS4y8MzgtboLYHYlkyA4.crl (hash: a0aS2fuflwZFlcEAdY57IV+wnwi1eNOGEiaUJgMWXV8=)
2: DwTC30oaWKwssRCXrBoUlk9Q5bw.roa (hash: ijzA7vHvds3BxvrPMvxvhrjeIw/3n+d/qJzXMvHrD7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:07:74:97:02:b5:aa:7b:3e:a6:28:35:fa:b4:c0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Validity
Not Before: Nov 4 04:02:05 2025 GMT
Not After : Nov 5 04:02:05 2025 GMT
Subject: CN=3c669976ddde20c050ac2da6cbe5c2f89987bc1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1b:a7:5d:fd:44:04:cb:22:74:81:e2:70:a5:
5e:5e:75:70:4b:ee:b1:97:3b:a3:79:9a:ae:15:fe:
c8:5d:2f:2c:c1:01:5f:15:3b:c2:d4:6a:e7:6f:8f:
0b:e4:14:08:ce:2d:e1:ff:81:87:e4:ec:51:52:1f:
56:fb:f8:25:b8:60:36:f3:08:d4:2e:41:d9:f7:03:
eb:78:08:de:53:fa:33:06:ee:00:33:b6:49:72:bd:
41:06:3c:27:25:2e:c8:20:ed:d0:6a:b8:5d:a9:e1:
b3:09:33:d8:79:b0:44:f8:ac:ac:a8:ef:00:56:33:
84:d7:bc:82:6f:de:b6:c2:1b:8d:5f:30:70:18:25:
7d:b8:5b:83:b4:46:51:55:96:7e:c6:11:5a:fc:2d:
62:d4:26:44:61:7d:01:36:2f:42:4c:3d:5c:94:a3:
9d:43:aa:7a:48:a1:6e:00:dd:6c:fa:b2:cf:10:ff:
18:c8:ff:6b:42:40:d8:a5:60:26:f5:ee:48:8f:6b:
16:ae:b6:c7:3f:72:ec:37:67:66:3c:cd:25:44:59:
35:c6:49:47:45:c9:ca:8c:f8:8b:92:95:aa:5b:33:
8d:50:d1:b3:c7:7e:94:20:ba:a5:ba:e5:f8:b3:c8:
b5:05:a0:5b:49:e2:b9:72:59:e3:df:10:18:69:74:
d6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:66:99:76:DD:DE:20:C0:50:AC:2D:A6:CB:E5:C2:F8:99:87:BC:1C
X509v3 Authority Key Identifier:
keyid:E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:ae:57:bc:29:fd:7c:d0:86:e9:cb:54:6b:bc:13:c6:56:0e:
6a:9f:ce:48:7b:7b:8a:e6:6d:05:ed:20:b8:c2:2f:3e:31:4c:
7e:36:53:32:c8:06:38:d7:6c:49:61:91:ac:8b:d8:59:f7:df:
46:2d:e2:5d:c3:36:b5:42:33:ec:fa:ac:01:ad:01:25:c6:8c:
9a:49:17:14:2a:00:7f:d3:23:6c:6b:c0:42:75:d4:c0:3d:e9:
30:9c:9a:15:81:87:cc:fd:17:a1:18:ee:75:c4:d3:d8:cf:cf:
c4:53:35:9f:cf:e0:a0:3f:5d:27:7b:9b:45:93:43:84:4c:45:
d9:05:16:e1:70:5a:69:44:af:a9:a8:e1:c3:61:b3:05:81:3e:
40:67:c7:99:c6:ef:94:27:70:04:fa:ad:80:6f:f4:33:0b:52:
4d:69:9b:0f:d4:db:4d:67:bd:b0:95:a7:a6:69:ea:47:ee:91:
e2:03:63:ba:0c:b9:30:51:ec:71:be:e3:09:84:95:cb:6f:f1:
9c:4c:4d:c6:6f:c2:01:8f:ac:72:58:00:bf:5a:52:b0:13:a4:
79:4a:ae:47:51:29:ac:ac:1a:61:6c:c1:cc:53:43:e1:74:51:
6a:5e:e4:fc:39:90:a6:eb:a9:05:67:e1:05:5f:96:f2:12:2d:
9d:25:50:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNB3SXArWqez6mKDX6tMCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZjJhODY2MjAyZjRiOGNiYzMzMzgyZDZlODJkODFkODk2
NGM4MGUwHhcNMjUxMTA0MDQwMjA1WhcNMjUxMTA1MDQwMjA1WjAzMTEwLwYDVQQD
EygzYzY2OTk3NmRkZGUyMGMwNTBhYzJkYTZjYmU1YzJmODk5ODdiYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxunXf1EBMsidIHicKVeXnVwS+6x
lzujeZquFf7IXS8swQFfFTvC1Grnb48L5BQIzi3h/4GH5OxRUh9W+/gluGA28wjU
LkHZ9wPreAjeU/ozBu4AM7ZJcr1BBjwnJS7IIO3QarhdqeGzCTPYebBE+KysqO8A
VjOE17yCb962whuNXzBwGCV9uFuDtEZRVZZ+xhFa/C1i1CZEYX0BNi9CTD1clKOd
Q6p6SKFuAN1s+rLPEP8YyP9rQkDYpWAm9e5Ij2sWrrbHP3LsN2dmPM0lRFk1xklH
RcnKjPiLkpWqWzONUNGzx36UILqluuX4s8i1BaBbSeK5clnj3xAYaXTWIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxmmXbd3iDAUKwtpsvlwviZh7wcMB8GA1UdIwQY
MBaAFOTyqGYgL0uMvDM4LW6C2B2JZMgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEt
MWE1MTNkZjA2OWZjLzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEtMWE1MTNkZjA2OWZj
LzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATa5XvCn9
fNCG6ctUa7wTxlYOap/OSHt7iuZtBe0guMIvPjFMfjZTMsgGONdsSWGRrIvYWfff
Ri3iXcM2tUIz7PqsAa0BJcaMmkkXFCoAf9MjbGvAQnXUwD3pMJyaFYGHzP0XoRju
dcTT2M/PxFM1n8/goD9dJ3ubRZNDhExF2QUW4XBaaUSvqajhw2GzBYE+QGfHmcbv
lCdwBPqtgG/0MwtSTWmbD9TbTWe9sJWnpmnqR+6R4gNjugy5MFHscb7jCYSVy2/x
nExNxm/CAY+sclgAv1pSsBOkeUquR1EprKwaYWzBzFND4XRRal7k/DmQpuupBWfh
BV+W8hItnSVQ+w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:46:28 2025 by rpki-client